1. Information
Updates on Microsoft Security Bulletin (3088903)
[21/08/2015] Microsoft has updated information on the Security Bulletin
for Microsoft Internet Explorer. MS15-078 was revised to announce a detection
change in the 3087985 update for Internet
Explorer.
URL:technet.microsoft.com/en-us/library/security/MS15-093
2. Vulnerability in Apache Tapestry
(105794)
[21/08/2015]
Vulnerability was identified in the Apache
Tapestry. An attacker could bypass security restrictions and execute arbitrary
code on the system. This vulnerability affects versions prior to 5.3.6 of the
mentioned product. Security patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105794
3. Vulnerabilities in Apple QuickTime
(HT205046)
[21/08/2015]
Vulnerabilities were identified in the Apple
QuickTime for Windows 7 and Windows Vista. An attacker could bypass security
restrictions, execute arbitrary code, cause a denial of service condition and
crash the system. These vulnerabilities affect versions prior to 7.7.8 of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:support.apple.com/en-us/HT205046
URL:www.us-cert.gov/ncas/current-activity/2015/08/20/Apple-Releases-Security-Update-QuickTime
4. Vulnerabilities in Cisco
Products
[21/08/2015]
Vulnerabilities were identified in the Cisco
Prime Infrastructure and Cisco Aggregation Services Routers. An attacker could
bypass security restrictions, gain elevated privileges, cause a denial of
service condition and crash the system. These vulnerabilities affect multiple
firmware versions of the mentioned products. Security patches are available to
resolve these vulnerabilities except the Cisco Prime
Infrastructure.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40553
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40585
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105793
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105796
5. Vulnerability in HP-UX
(c04735247)
[21/08/2015] Vulnerability was identified in the HP-UX. An attacker could
bypass security restrictions and gain elevated privileges. This vulnerability
affects versions 11.11, 11.23 and 11.31 of the mentioned product. Security
patches are available to resolve this
vulnerability.
URL:h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04735247
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105795
6. Vulnerability in EMC Documentum D2
(105797)
[21/08/2015]
Vulnerability was identified in the EMC
Documentum D2. An attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code and compromise the
system. This vulnerability affects versions prior to 4.5 of the mentioned
product. Security patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105797
7. Vulnerability in Micros DVR Products
(VU#276148)
[21/08/2015] Vulnerability was identified in dedicated Micros DVR
products, including the DV-IP Express, SD Advanced, SD, EcoSense, and DS2. An
attacker could bypass security restrictions, obtain sensitive information and
compromise the system. This vulnerability affects multiple versions of the
mentioned
products.
URL:www.kb.cert.org/vuls/id/276148
8. Vulnerabilities in Drupal (DRUPAL-SA-CORE-2015-003,
DRUPAL-SA-CONTRIB-2015-139, DRUPAL-SA-CONTRIB-2015-140,
DRUPAL-SA-CONTRIB-2015-141)
[21/08/2015] Vulnerabilities were identified in the Drupal. An attacker
could bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code and compromise the system. These
vulnerabilities affects versions prior to 6.37 or 7.39 of the mentioned product.
Security patches are available to resolve these
vulnerabilities.
URL:www.drupal.org/SA-CORE-2015-003
URL:www.drupal.org/node/2553971
URL:www.drupal.org/node/2553977
URL:www.drupal.org/node/2554145
URL:www.us-cert.gov/ncas/current-activity/2015/08/19/Drupal-Releases-Security-Updates
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105755
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105775
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105776
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105777
9. Vulnerability in WP Symposium plugin for WordPress
(105780)
[21/08/2015]
Vulnerability was identified in the WP Symposium
plugin for WordPress. An attacker could bypass security restrictions and execute
arbitrary code on the system. This vulnerability affects version 15.1 of the
mentioned
product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105780
10.
Security Updates in Debian
(DSA-3341-1)
[21/08/2015] Debian has
released security update packages for fixing the vulnerability identified in the
conntrack package for multiple versions of Debian GNU/Linux. An attacker could
bypass security restrictions, cause a denial of service condition and crash the
system.
URL:www.debian.org/security/2015/dsa-3341
11.
Security Updates in SUSE
(SUSE-SU-2015:1409-1)
[21/08/2015] SUSE has
released security update packages for fixing the vulnerability identified in the
kvm package of SUSE Linux Enterprise 11. An attacker could bypass security
restrictions and execute arbitrary
code.
URL:lists.opensuse.org/opensuse-security-announce/2015-08/msg00017.html
12.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:1646-1, RHSA-2015:1647-1)
[21/08/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the rh-mariadb100-mariadb and mariadb55-mariadb packages for Red Hat Software
Collections 2 for Red Hat Enterprise Linux 6 and 7. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2015-1646.html
URL:rhn.redhat.com/errata/RHSA-2015-1647.html
13.
Security Updates in Ubuntu GNU/Linux
(USN-2702-3, USN-2702-2)
[21/08/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the firefox and subversion packages for versions 12.04 LTS, 14.04 LTS and 15.04
of Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the
system.
URL:www.ubuntu.com/usn/usn-2702-3/
URL:www.ubuntu.com/usn/usn-2721-1/
14.
Vulnerabilities in IBM WebSphere
Application Server (1963275)
[20/08/2015] Vulnerabilities were identified in the IBM WebSphere
Application Server. An attacker could bypass security restrictions, obtain
sensitive information and gain elevated privileges. These vulnerabilities
affects versions 7, 8 and 8.5 of the mentioned product. Security patches are
available to resolve these
vulnerabilities.
URL:www-01.ibm.com/support/docview.wss?uid=swg21963275
URL:www.hkcert.org/my_url/en/alert/15082001
15.
Vulnerability in Magento Community
Edition (105725)
[20/08/2015] Vulnerability was identified in the Magento Community
Edition. An attacker could bypass security restrictions and execute arbitrary
code on the system. This vulnerability affects version 1.9.1.0 CE of the
mentioned
product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105725
16.
Vulnerabilities in Django (105728,
105729)
[20/08/2015]
Vulnerabilities were identified in the Django.
An attacker could bypass security restrictions, cause a denial of service
condition and crash the system. These vulnerabilities affects versions prior to
1.4.22, 1.7.10 or 1.8.4 of the mentioned product. Security patches are available
to resolve these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105728
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105729
17.
Security Updates in NetBSD (SA2015-007,
SA2015-008)
[20/08/2015] NetBSD has
released security update packages for fixing the vulnerabilities identified in
the openssl packages for multiple versions of NetBSD GNU/Linux. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and crash the
system.
URL:ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-007.txt.asc
URL:ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc
18.
Vulnerability in Microsoft Internet
Explorer (MS15-093)
[19/08/2015] Vulnerability was identified in the Microsoft Internet
Explorer. An attacker could bypass security restrictions, gain elevated
privileges, execute arbitrary code and compromise the system. This vulnerability
affects all supported versions of the mentioned product. Security patches are
available to resolve this
vulnerability.
URL:technet.microsoft.com/en-us/library/security/MS15-093
URL:www.hkcert.org/my_url/en/alert/15081901
19.
Vulnerability in Adobe LiveCycle Data
Services (APSB15-20)
[19/08/2015] Vulnerability was identified in the Adobe LiveCycle Data
Services. An attacker could bypass security restrictions, obtain sensitive
information. This vulnerability affects multiple versions of the mentioned
product. Security patches are available to resolve this
vulnerability.
URL:helpx.adobe.com/content/help/en/security/products/livecycleds/apsb15-20.html
20.
Vulnerabilities in Cisco
Products
[19/08/2015]
Vulnerabilities were identified in the Cisco
Finesse, Cisco TelePresence Video Communication Server Expressway and Cisco
Unified Interaction Manager. An attacker could bypass security restrictions,
obtain sensitive information, gain elevated privileges, execute arbitrary code,
cause a denial of service condition and compromise the system. These
vulnerabilities affect multiple firmware versions of the mentioned products.
Security patches are available to resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40436
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40518
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40522
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40523
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40555
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105701
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105702
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105704
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105705
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105706
21.
Vulnerability in F5 Products
(SOL17047)
[19/08/2015]
Vulnerability was identified in the F5 BIG-IP
LTM, BIG-IP AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP
GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IQ Cloud, BIG-IQ Device, BIG-IQ
Security and BIG-IQ ADC. An attacker could bypass security restrictions and
obtain sensitive information. This vulnerability affects multiple versions of
the mentioned products. Security patches are available to resolve this
vulnerability.
URL:support.f5.com/kb/en-us/solutions/public/17000/000/sol17047.html
22.
Vulnerabilities in Trend Micro
Products
[19/08/2015]
Vulnerabilities were identified in the Trend
Micro Deep Discovery. An attacker bypass security restriction, obtain sensitive
information, execute arbitrary code and perform cross-site scripting attacks.
These vulnerabilities affect version 3.8 of the mentioned product. Security
patches are available to resolve these
vulnerabilities.
URL:esupport.trendmicro.com/solution/en-US/1112206.aspx
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105698
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105699
23.
Vulnerability in FTP Commander
(105700)
[19/08/2015]
Vulnerability was identified in the FTP
Commander. An attacker could bypass security restrictions, cause a denial of
service condition and crash the system. This vulnerability affects version 8.02
of the mentioned
product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105700
24.
Vulnerability in Foxit Software Foxit
Reader (105696)
[19/08/2015] Vulnerability was identified in the Foxit Software Foxit
Reader. An attacker could bypass security restrictions and execute arbitrary
code on the system. This vulnerability affects version 7.1.5 of the mentioned
product. Security patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105696
25.
Vulnerability in MASM32 Quick Editor
(105678)
[19/08/2015]
Vulnerability was identified in the MASM32 Quick
Editor. An attacker could bypass security restrictions, execute arbitrary code,
cause a denial of service condition and crash the system. This vulnerability
affects version 11 of the mentioned
product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105678
26.
Vulnerability in PHP
(105673)
[19/08/2015]
Vulnerability was identified in the PHP. An
attacker could bypass security restrictions and obtain sensitive information.
This vulnerability affects multiple versions of the mentioned product. Security
patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105673
27.
Security Updates in Oracle Linux
(ELSA-2015-1640)
[19/08/2015] Oracle has
released security update packages for fixing the vulnerability identified in the
pam packages for Oracle Linux 6 and 7. An attacker could bypass security
restriction, cause a denial of service condition and crash the
system.
URL:linux.oracle.com/errata/ELSA-2015-1640.html
28.
Security Updates in Debian
(DSA-3337-1)
[19/08/2015] Debian has
released security update packages for fixing the vulnerability identified in the
gdk-pixbuf package for multiple versions of Debian GNU/Linux. An attacker could
bypass security restrictions and execute arbitrary
code.
URL:www.debian.org/security/2015/dsa-3337
29.
Security Updates in FreeBSD
(FreeBSD-SA-15:20.expat)
[19/08/2015] FreeBSD
has released security update packages for fixing the vulnerability identified in
the libbsdxml packages for multiple versions of FreeBSD Linux. An attacker could
bypass security restriction, execute arbitrary code, cause a denial of service
condition and crash the
system.
URL:www.freebsd.org/security/advisories/FreeBSD-SA-15:20.expat.asc
30.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:1640-1, RHSA-2015:1642-1,
RHSA-2015:1643-1)
[19/08/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the pam, JBoss Web Server 2.1.0 and kernel packages for Red Hat Enterprise
Linux 5, 6 and 7. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2015-1640.html
URL:rhn.redhat.com/errata/RHSA-2015-1642.html
URL:rhn.redhat.com/errata/RHSA-2015-1643.html
31.
Security Updates in Ubuntu GNU/Linux
(USN-2710-2, USN-2713-1, USN-2714-1, USN-2715-1, USN-2716-1, USN-2717-1,
USN-2718-1, USN-2719-1, USN-2720-1)
[19/08/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the openssh, linux, linux-ti-omap4, linux-lts-trusty, inux-lts-utopic,
linux-lts-vivid and python-django packages for versions 12.04 LTS, 14.04 LTS and
15.04 of Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
execute arbitrary code, cause a denial of service condition and compromise the
system.
URL:www.ubuntu.com/usn/usn-2710-2/
URL:www.ubuntu.com/usn/usn-2713-1/
URL:www.ubuntu.com/usn/usn-2714-1/
URL:www.ubuntu.com/usn/usn-2715-1/
URL:www.ubuntu.com/usn/usn-2716-1/
URL:www.ubuntu.com/usn/usn-2717-1/
URL:www.ubuntu.com/usn/usn-2718-1/
URL:www.ubuntu.com/usn/usn-2719-1/
URL:www.ubuntu.com/usn/usn-2720-1/
32.
Vulnerability in Apache ActiveMQ
(105644)
[18/08/2015]
Vulnerability was identified in the Apache
ActiveMQ. An attacker could bypass security restrictions, obtain sensitive
information, execute arbitrary code and compromise the system. This
vulnerability affects versions prior to 5.12.0 or 5.11.2 of the mentioned
product. Security patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105644
33.
Vulnerabilities in Cisco
Products
[18/08/2015]
Vulnerabilities were identified in the Cisco
Prime Infrastructure and Cisco NX-OS Internet Group Management Protocol. An
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the system. These vulnerabilities affect multiple versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:tools.cisco.com/quickview/bug/CSCut39938
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40470
URL:www.kb.cert.org/vuls/id/300820
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105649
34.
Vulnerabilities in F5 Products (SOL17049,
SOL17061, SOL17113, SOL17114, SOL17115, SOL17118, SOL17120, SOL17123, SOL17124,
SOL17127, SOL17130)
[18/08/2015] Vulnerabilities were identified in the F5 BIG-IP LTM, BIG-IP
AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP Edge Gateway,
BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP PSM, BIG-IP
WebAccelerator, BIG-IP WOM, ARX, Enterprise Manager, FirePass, BIG-IQ Cloud,
BIG-IQ Device, BIG-IQ Security, BIG-IQ ADC, LineRate and Traffix SDC. An
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the system. These vulnerabilities affect multiple versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:support.f5.com/kb/en-us/solutions/public/17000/000/sol17049.html
URL:support.f5.com/kb/en-us/solutions/public/17000/000/sol17061.html
URL:support.f5.com/kb/en-us/solutions/public/17000/100/sol17113.html
URL:support.f5.com/kb/en-us/solutions/public/17000/100/sol17114.html
URL:support.f5.com/kb/en-us/solutions/public/17000/100/sol17115.html
URL:support.f5.com/kb/en-us/solutions/public/17000/100/sol17118.html
URL:support.f5.com/kb/en-us/solutions/public/17000/100/sol17120.html
URL:support.f5.com/kb/en-us/solutions/public/17000/100/sol17123.html
URL:support.f5.com/kb/en-us/solutions/public/17000/100/sol17124.html
URL:support.f5.com/kb/en-us/solutions/public/17000/100/sol17127.html
URL:support.f5.com/kb/en-us/solutions/public/17000/100/sol17130.html
35.
Vulnerability in Huawei Mobile Broadband
Product (Huawei-SA-20150817-01-MBB)
[18/08/2015] Vulnerability was identified in the Huawei MBB (Mobile
Broadband) product E3272s. An attacker could bypass security restrictions, cause
a denial of service condition and crash the system. This vulnerability affects
firmware versions prior to E3272s-153TCPU-V200R002B491D09SP00C00 of the
mentioned product. Security patches are available to resolve this
vulnerability.
URL:www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-450877.htm
36.
Vulnerabilities in EMC Products (105650,
105651, 105652, 105653, 105654, 105655, 105656, 105657, 105658, 105659,
105660)
[18/08/2015]
Vulnerabilities were identified in the EMC
Documentum Content Server and EMC multiple RSA BSAFE products. An attacker
bypass security restriction, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the system. These vulnerabilities affect multiple versions of the
mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105650
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105651
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105652
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105653
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105654
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105655
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105656
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105657
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105658
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105659
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105660
37.
Vulnerability in Google Android
(105645)
[18/08/2015]
Vulnerability was identified in the Google
Android. An attacker could bypass security restrictions and obtain sensitive
information. The affected version was not
specified.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105645
38.
Security Updates in Oracle Linux
(ELSA-2015-1627, ELSA-2015-1628, ELSA-2015-1633, ELSA-2015-1634, ELSA-2015-1635,
ELSA-2015-1636)
[18/08/2015] Oracle has
released security update packages for fixing the vulnerabilities identified in
the glibc, mysql55-mysql, subversion, sqlite and net-snmp packages for Oracle
Linux 5, 6 and 7. Due to multiple errors, an attacker could bypass security
restriction, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the
system.
URL:linux.oracle.com/errata/ELSA-2015-1627.html
URL:linux.oracle.com/errata/ELSA-2015-1628.html
URL:linux.oracle.com/errata/ELSA-2015-1633.html
URL:linux.oracle.com/errata/ELSA-2015-1634.html
URL:linux.oracle.com/errata/ELSA-2015-1635.html
URL:linux.oracle.com/errata/ELSA-2015-1636.html
39.
Security Updates in Debian
(DSA-3336-1)
[18/08/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the nss package for multiple versions of Debian GNU/Linux. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information and perform spoofing
attacks.
URL:www.debian.org/security/2015/dsa-3336
40.
Security Updates in Mageia
(MGASA-2015-0315)
[18/08/2015] Mageia has
released security update packages for fixing the vulnerability identified in the
kdepim4 packages for multiple versions of Mageia. An attacker could bypass
security restrictions and obtain sensitive
information.
URL:advisories.mageia.org/MGASA-2015-0315.html
41.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:1627-1, RHSA-2015:1628-1, RHSA-2015:1629-1, RHSA-2015:1630-1,
RHSA-2015:1633-1, RHSA-2015:1634-1, RHSA-2015:1635-1,
RHSA-2015:1636-1)
[18/08/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the glibc, mysql55-mysql, rh-mysql56-mysql, subversion, sqlite and net-snmp
packages for Red Hat Software Collections 2, Red Hat Enterprise Linux 5, 6 and
7. Due to multiple errors, an attacker could bypass security restrictions,
obtain sensitive information, gain elevated privileges, execute arbitrary code,
cause a denial of service condition and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2015-1627.html
URL:rhn.redhat.com/errata/RHSA-2015-1628.html
URL:rhn.redhat.com/errata/RHSA-2015-1629.html
URL:rhn.redhat.com/errata/RHSA-2015-1630.html
URL:rhn.redhat.com/errata/RHSA-2015-1633.html
URL:rhn.redhat.com/errata/RHSA-2015-1634.html
URL:rhn.redhat.com/errata/RHSA-2015-1635.html
URL:rhn.redhat.com/errata/RHSA-2015-1636.html
42.
Security Updates in Ubuntu GNU/Linux
(USN-2711-1)
[18/08/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the net-snmp packages for versions 12.04 LTS, 14.04 LTS and 15.04 of Ubuntu
GNU/Linux. Due to multiple errors, an attacker could bypass security
restrictions, execute arbitrary code, cause a denial of service condition and
crash the
system.
URL:www.ubuntu.com/usn/usn-2711-1/
43. Vulnerabilities in Cisco
Products
[17/08/2015]
Vulnerabilities were identified in the Cisco ASR
9000 Series Aggregation Services Routers, Cisco Nexus 3000 Series Switches,
Cisco WebEx Node for Cisco Media Convergence Server, Cisco Unified Interaction
Manager, Cisco Nexus 9000 Series Switches, Cisco FireSIGHT Management Center,
Cisco TelePresence Video Communication Server, Cisco Edge 340 Series Digital
Media Player, Cisco Adaptive Security Appliance, Cisco Content Security
Management Appliance, Cisco Nexus Operating System Address Resolution Protocol
and Cisco Unified Communications Manager. An attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the system.
These vulnerabilities affect multiple versions of the mentioned
products.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39939
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40426
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40427
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40428
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40429
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40431
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40432
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40433
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40434
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40439
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40440
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40441
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40442
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40443
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40444
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40445
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40446
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40450
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40469
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105593
44.
Vulnerabilities in Trend Micro
OfficeScan
[17/08/2015]
Vulnerabilities were identified in the Trend
Micro OfficeScan 11. An attacker could bypass security restrictions, obtain
sensitive information, cause a denial of service condition and crash the system.
These vulnerabilities affect versions prior to 11.0 Service Pack 1 of the
mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:docs.trendmicro.com/all/ent/officescan/v11.0/en-us/osce_11.0_sp1_cp_server_readme.htm#resolved
URL:downloadcenter.trendmicro.com/index.php?regs=NABU&clk=tbl&clkval=4569&cm_mmc=RSS-_-Download%20Center-_-product-_-5
45.
Vulnerabilities in OSIsoft PI Data
Archive Server (ICSA-15-225-01)
[17/08/2015] Vulnerabilities were identified in the OSIsoft PI Data
Archive Server. An attacker could bypass security restrictions, execute
arbitrary code, cause a denial of service condition and crash the system. These
vulnerabilities affect versions prior to 3.4.3950.64 of the mentioned product.
Security patches are available to resolve these
vulnerabilities.
URL:ics-cert.us-cert.gov/advisories/ICSA-15-225-01
46.
Security Updates in Oracle Linux
(ELSA-2015-1623, ELSA-2015-3071, ELSA-2015-3072,
ELSA-2015-3073)
[17/08/2015] Oracle has
released security update packages for fixing the vulnerabilities identified in
the kernel and kernel-uek packages for Oracle Linux 5, 6 and 7. Due to multiple
errors, an attacker could bypass security restriction, execute arbitrary code,
cause a denial of service condition and crash the
system.
URL:linux.oracle.com/errata/ELSA-2015-1623.html
URL:linux.oracle.com/errata/ELSA-2015-3071.html
URL:linux.oracle.com/errata/ELSA-2015-3072.html
URL:linux.oracle.com/errata/ELSA-2015-3073.html
47.
Security Updates in Gentoo Linux (GLSA
201508-01, GLSA 201508-02, GLSA 201508-03)
[17/08/2015] Gentoo has
released security update packages for fixing the vulnerabilities identified in
the adobe-flash, libgadu and icecast packages for multiple versions of Gentoo
Linux. Due to multiple errors, an attacker could bypass security restrictions,
obtain sensitive information, gain elevated privileges, execute arbitrary code,
cause a denial of service condition and compromise the
system.
URL:security.gentoo.org/glsa/201508-01
URL:security.gentoo.org/glsa/201508-02
URL:security.gentoo.org/glsa/201508-03
48.
Security Updates in Mageia
(MGASA-2015-0304, MGASA-2015-0305, MGASA-2015-0306, MGASA-2015-0307,
MGASA-2015-0308, MGASA-2015-0309, MGASA-2015-0310, MGASA-2015-0311,
MGASA-2015-0312, MGASA-2015-0313, MGASA-2015-0314)
[17/08/2015] Mageia has released security update packages for fixing the
vulnerabilities identified in the lxc, firefox, firefox-l10n, cacti, libunwind,
ghostscript, wordpress,qemu, flash-player-plugin, rootcerts, nss, gdk-pixbuf2.0
and owncloud packages for multiple versions of Mageia. Due to multiple errors,
an attacker could bypass security restrictions, obtain sensitive information,
gain elevated privileges, execute arbitrary code, cause a denial of service
condition and compromise the
system.
URL:advisories.mageia.org/MGASA-2015-0304.html
URL:advisories.mageia.org/MGASA-2015-0305.html
URL:advisories.mageia.org/MGASA-2015-0306.html
URL:advisories.mageia.org/MGASA-2015-0307.html
URL:advisories.mageia.org/MGASA-2015-0308.html
URL:advisories.mageia.org/MGASA-2015-0309.html
URL:advisories.mageia.org/MGASA-2015-0310.html
URL:advisories.mageia.org/MGASA-2015-0311.html
URL:advisories.mageia.org/MGASA-2015-0312.html
URL:advisories.mageia.org/MGASA-2015-0313.html
URL:advisories.mageia.org/MGASA-2015-0314.html
49.
Security Updates in Slackware
(SSA:2015-226-01, SSA:2015-226-02)
[17/08/2015] Slackware
has released security update packages for fixing the vulnerabilities identified
in the mozilla-firefox and mozilla-thunderbird packages for multiple versions of
Slackware Linux. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the
system.
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.312024
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.360362
50.
Security Updates in SUSE
(openSUSE-SU-2015:1382-1, openSUSE-SU-2015:1387-1, openSUSE-SU-2015:1388-1,
openSUSE-SU-2015:1389-1, openSUSE-SU-2015:1390-1,
openSUSE-SU-2015:1391-1)
[17/08/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the Linux Kernel, glibc, flash-player and MozillaFirefox packages of openSUSE
13.1 and 13.2. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html
URL:lists.opensuse.org/opensuse-security-announce/2015-08/msg00012.html
URL:lists.opensuse.org/opensuse-security-announce/2015-08/msg00013.html
URL:lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html
URL:lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html
URL:lists.opensuse.org/opensuse-security-announce/2015-08/msg00016.html
51.
Security Updates in Ubuntu GNU/Linux
(USN-2709-1, USN-2710-1)
[17/08/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the pollinate and openssh packages for versions 12.04 LTS, 14.04 LTS and 15.04
of Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass security
restrictions, perform brute-force password attacks and obtain sensitive
information.
URL:www.ubuntu.com/usn/usn-2709-1/
URL:www.ubuntu.com/usn/usn-2710-1/
Source(s)
of above information:AdobeAppleCERT/CCCiscoDebianDrupalF5FreeBSDHKCERTHuaweiIBMIBM
ISSMageiaMicrosoftNetBSDopenSUSEOracleRed
HatSlackwareTrend
MicroUbuntuUS-CERT
No comments:
Post a Comment